On Nov 3, 2008, at 9:43 AM, Alissa Cooper wrote:
> I am a little confused about what you mean here. When you say
> "scheme and UI," does that mean something other than UI? I agree
> that the spec should not dictate UI (my last email contained a UI
> discussion only because there was a specific question about it).
>
> But if you're saying that all privacy considerations (including
> consent) should be optional whether they manifest in a UI or not,
> that's a different story. Can you clarify?
A platform may already have a privacy policy and UI for setting
location privacy policies in place. A platform developer may not want
these to behave differently just for web pages. If the UI (and
policies) were different for web pages and other programs that use the
same location service, it would be confusing to the users.
As a concrete example, on iPhone, CoreLocation displays a dialog twice
for each native application, telling the user that the application
wants to track its location. The user can Allow or Not Allow. In
Settings the user can turn off CoreLocation for the device completely,
as well as wipe all Location warnings. Once the warnings are wiped,
the user is challenged again when they use a CoreLocation application.
This behavior is what an iPhone user is expecting for privacy and
location based services.
If the Geolocation specification has differing UI or warning
expiration requirements than a given platform, I believe it will be
for the worse. In this situation, web pages requiring location
services will behave differently than the platform. If the location
services are granted, and suddenly expire without user interaction,
the user will think something is broken because it doesn't work like
the rest of the platform. If they are presented with more options than
allow or don't allow (and are asked too often) they will ignore these
warnings and get annoyed with them (see Vista security dialogs for a
case study).
I think the Geolocation API provides a simple and good way for web
pages to get location data. It seems to me that privacy considerations
are orthogonal issues to what this API accomplishes.
Thanks,
-- Greg